Archive for: computer crime

Lobotomy for lobbyists

Wednesday, February 13th, 2008

The subject of this post is my little suggestion for all lobbyists of the music industry. I decided to write about it after I read the article available at www.torrentfreak.com website about the idea of blocking the Internet for users who download “pirated” files. There is also an article available at www.arstechnica.com website about what happened in Denmark when they used an “analogous ban” on the Pirate Bay.

C-275/06, Promusicae

Tuesday, January 29th, 2008

Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market (‘Directive on electronic commerce’), Directive 2001/29/EC of the European Parliament and of the Council of 22 May 2001 on the harmonisation of certain aspects of copyright and related rights in the information society, Directive 2004/48/EC of the European Parliament and of the Council of 29 April 2004 on the enforcement of intellectual property rights, and Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) do not require the Member States to lay down, in a situation such as that in the main proceedings, an obligation to communicate personal data in order to ensure effective protection of copyright in the context of civil proceedings. However, Community law requires that, when transposing those directives, the Member States take care to rely on an interpretation of them which allows a fair balance to be struck between the various fundamental rights protected by the Community legal order. Further, when implementing the measures transposing those directives, the authorities and courts of the Member States must not only interpret their national law in a manner consistent with those directives but also make sure that they do not rely on an interpretation of them which would be in conflict with those fundamental rights or with the other general principles of Community law, such as the principle of proportionality.

Details about this case are in the judgment C-275/06, Promusicae.

Japanese virus creator prosecuted based on copyright regulations

Friday, January 25th, 2008

Normally you would expect malware writers to be arrested for breaking into computers with their code or damaging data, but in this case he is accused of breaching copyright because he used cartoon graphics without permission in his Trojan horse. Because this is the first arrest in Japan of a virus writer it’s likely to generate a lot of attention and there will be many people watching to see the outcome

said Graham Cluley from Sophos. More details about this issue are available at www.sophos.com.

Cyberwar or Why States Need an International Law for Information Operations

Friday, January 25th, 2008

Abstract:
Just as states have spent the last several years wrestling with the appropriate legal response to terror, they must now undertake a similar effort to deal with the burgeoning use of information operations (IO). IO involves the use of information technology, such as computer network attacks or psychological operations, to influence, disrupt, corrupt, usurp or defend information systems and the infrastructure they support. More than thirty states have developed IO capacities. But IO is also undoubtedly attractive to non-state actors like Al Qaeda, since the technology is mostly inexpensive, easy-to-use, and capable of deployment from virtually anywhere.

This Article assesses the ways in which international law, specifically the rules regulating the use of force and the law of war, currently applies to IO. Conventional wisdom suggests existing rules can cover IO by analogy. The conventional wisdom is only half-right. This Article explains why the existing rules govern IO, but challenges the unstated assumption that they do so appropriately. Translating existing rules into the IO context produces extensive uncertainty, risking unintentional escalations of conflict where forces have differing interpretations of what is permissible. Alternatively, such uncertainty may discourage the use of IO even if it might produce less harm than traditional means of warfare. Beyond uncertainty, the existing legal framework is insufficient and overly complex. Existing rules have little to say about the non-state actors that will be at the center of future conflicts. And where the laws of war do not apply, even by analogy, an overwhelmingly complex set of other international and foreign law rules purport to govern IO.

To remedy such deficiencies, this Article proposes a new legal framework, an international law for information operations (ILIO). By adopting an ILIO, states could alleviate the uncertainty and complexity of the status quo, reduce transaction costs for states fighting global terror, and lessen the collateral costs of armed conflict itself. This Article concludes with a review of some of the regulatory design questions facing an ILIO, but does not offer any specific rules. Rather, its ultimate aim is to convince states and scholars about the need for an ILIO in the first place.

Hollis, Duncan B., “Why States Need an International Law for Information Operations”. Lewis & Clark Law Review, Vol. 11, No. 4, 2007. Available at SSRN: http://ssrn.com/abstract=1083889.

You have the right to remain silent

Sunday, December 16th, 2007

I am really surprised that US courts are interpreting the Miranda rule so late when it comes to “computer passwords”. See: In re Grand Jury Subpoena, 2007 U.S. Dist. LEXIS 87951, 2007 WL 4246473 (D. Vt. 2007). I recommend reading the European Court of Human Rights judgment in the case Funke v. France, [1993] ECHR 7 (25 February 1993).

Interpol finds the face

Tuesday, October 9th, 2007

Interpol’s investigators were able to recover an image of a man suspected of sexually exploiting children. He put his images on the Internet with his face altered by the use of a filter included in popular graphic software (for instance, the “twirl tool” in Adobe Photoshop®). Police and computer experts used a reverse method to uncover the suspect’s identity. Details of this case are available at www.slashdot.org website. You may find other comments there about this illusory privacy method.

I will not illegally download this movie

Wednesday, August 1st, 2007

A couple of days ago I wrote a post titled The Pirate Bay team as The Simpsons about a digital copy of this cult movie, which is already available on the Net, and about how the team connected with the activity of www.thepiratebay.org website reacted to this fact. Now, I would like to recommend the article available at www.zeropaid.com website, which discusses The Simpsons Movie Box Office position and what happened to Bart Simpson when he downloaded a movie from the Internet. There are options below for how to watch movies legally on the Net.

Pirate Bay team as Simpsons

Saturday, July 28th, 2007

The Pirate Bay team likes to provoke and to overstep the mark. To celebrate the first publication of a CAM version of The Simpsons Movie they have changed their website. Check the story at www.torrentfreak.com website. But not all BitTorrent sites are so lucky and happy. As you can also read in the article available at www.torrentfreak.com website, Spanish Police shut down two Spanish torrent sites. Both were taken offline and three administrators were arrested and accused of facilitating “copyright infringement”.

What can you monitor and spy?

Thursday, July 19th, 2007

The U.S. Court of Appeals for the Ninth Circuit held in its judgement in the case United States v. Forrester, 2007 U.S. App. LEXIS 16147 (9th Cir. 2007), that the surveillance of Dennis Louis Alba’s (co-defendant) e-mail and Internet activity did not constitute a Fourth Amendment search. The court ruled that even if the government’s computer surveillance went beyond the scope of former 18 U.S.C.S. §§ 3121-27 (as amended by the Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism (USA PATRIOT ACT) Act of 2001, Oct. 26, 2001, P.L. 107-56, Title II, § 216(a), 115 Stat. 288.), he was not entitled to suppression of evidence.

Please bear in mind that U.S. courts strictly follow the rule of the fruit of the poisonous tree, which, generally speaking, prohibits the use of derivatives of illegal evidence in a court against a defendant. It originates from a judgement in the case Silverthorne Lumber Co. v. United States, 251 U.S. 385 (1920).

Well, no wonder that such a case has spawned a lot of positive and negative comments from American academia. Professor Shaun Martin voiced a forcible disagreement with Judge Raymond C. Fisher, who wrote the opinion. However, Professor Orin Kerr was not surprised by such findings and clearly showed in his article available at www.volokh.com website that there was no other option.

As usual, you will find more comments and links at www.slashdot.org. I think that a really good punchline to Mr. Alba’s reproaches was written in the article at www.arstechnica.com website:

In any event, readers interested in building a $10 million per month drug lab in the backyard should be aware that the government can get a list of all the phone numbers you call, the IP addresses you visit, and the people you e-mail.

I wrote about those issues before in a post titled Legal hacking, where I also briefly mentioned the case United States v. Heckenkamp, 2007 U.S. App. LEXIS 7806 (9th Cir. 2007), PDF file.

If anyone is interested in Orin Kerr’s controversial (or not) statements, then I recommend reading, for instance, O. Kerr, “The Future of Internet Surveillance Law: A Symposium to Discuss Internet Surveillance, Privacy and the USA PATRIOT Act: Surveillance Law: Reshaping the Framework: A User’s Guide to the Stored Communications Act, and a Legislator’s Guide to Amending It”, 72 GEO. WASH. L. REV. 1208 (Aug. 2004).

I must admit that when I see legislators’ inclinations to monitor and spy on citizens, and the susceptibility of many businesses that produce and distribute software designed to protect computer users against methods such as keystroke logging or rootkits (as an example, just check a fresh article posted at www.news.com website), I immediately recall Judge Stanley Sporkin’s opinion issued in the case McVeigh v. Cohen, 983 F. Supp. 215 (D.D.C. 1998) at 220.

In these days of “big brother,” where through technology and otherwise the privacy interests of individuals from all walks of life are being ignored or marginalized, it is imperative that statutes explicitly protecting these rights be strictly observed.

I recommend reading the judgement in the case United States v. Scarfo, 180 F. Supp. 2d 572 (D.N.J. 2001), in which Nicodemo S. Scarfo questioned the use of keylogger software by the FBI, although its agents had search warrants.

Cybercrime

Wednesday, July 18th, 2007

Cybercrime is not a binding legal definition in Polish law, so I will not dwell on that term too much. There is Andy Greenberg’s article at www.forbes.com website about top countries for cybercrime. The US Department of Justice prepared a nice collection of information and materials, available at www.cybercrime.gov website, regarding crimes committed with the use of computer and/or telecommunications networks. There is a “CSI/FBI Computer Crime and Security Survey” document available at www.fbi.gov too. It was done with the help of almost 700 respondents in 2005. The National White Collar Crime Center (NW3C) together with the Federal Bureau of Investigation also provided us with the “2006 Internet Fraud Crime Report”. It is freely available at www.ic3.gov website (PDF file). If you are looking for additional papers, I recommend using www.ssrn.com.

How to negotiate with crackers

Tuesday, June 19th, 2007

About two months ago, two releases named Harrison.Digital.Media.Salvation.v1.00-BB3D (nfo file) and Harrison.Digital.Media.Salvation.MX.v1.0-BB3D (nfo file) were preed on the warez scene. Trey Harrison is the creator of those programs, correctly named Harrison Digital Media Salvation. He used a third-party “effective” technological protection measure, known as Armadillo Software Passport, to secure his products against illegal (i.e. without a valid license agreement) use. You may read an article at www.torrentfreak.com website about how he negotiated with crackers to stop future cracking and distribution of his work.

For all of you interested in this subject matter I recommend reading: Goldman, Eric, “Warez Trading and Criminal Copyright Infringement” (January 7, 2004). Available at SSRN: http://ssrn.com/abstract=487163. I do not want to sound immodest, but additionally I’d like to suggest reading my article: T. Rychlicki, “Crimes Violating Intellectual Property Laws. The Modus Operandi Of The Warez Scene”. Computer and Telecommunications Law Review, 2006, 12(1), 27-31. Sweet and Maxwell, London. I’ll try to put it on SSRN as soon as possible. Meanwhile, it is available at www.westlaw.com.

Internet crime

Thursday, April 19th, 2007

The Internet Crime Complaint Center has published an annual report (PDF file) concerning crimes committed with the use of computer networks.

Legal hacking

Saturday, April 7th, 2007

In 2004, Jerome Heckenkamp gained unauthorized access (colloquially, he hacked) to servers of corporations such as Qualcomm, Cygnus Solutions and eBay. Evidence of his actions was also gathered by the network administrator of the campus where Jerome’s computer was connected. He obtained it by hacking into Heckenkamp’s Linux box. Judge Sidney R. Thomas ruled in the case United States v. Heckenkamp, 2007 U.S. App. LEXIS 7806 (9th Cir. 2007), PDF file format, that such actions were justified and did not violate the Fourth Amendment provisions.

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Jeffrey Savoy’s “hacking searches” were acknowledged as falling under the “special needs” exception and therefore the FBI was not required to obtain a search warrant. Jerome Heckenkamp was convicted based on regulations included in 18 U.S.C.S. § 1030(a)(5)(B) - Computer Fraud and Abuse Act (CFAA) of 1986, Pub. L. No. 99-474, 100 Stat. 1213 (Oct. 16, 1986) amending Counterfeit Access Device and Computer Fraud and Abuse Act of 1984, Pub. L. No. 98-473, 98 Stat. 1837 (Oct. 12, 1984). In Polish law so-called “hacking” crimes are penalised by regulations included in the Act of June 6, 1997, Penal Code (Dziennik Ustaw No 88, pos. 553 of August 2, 1997, with later changes):

Article 267.
§ 1. Whoever, without being authorised to do so, acquires information not destined for him, by opening a sealed letter, or connecting to a wire that transmits information or by breaching electronic, magnetic or other special protection for that information shall be subject to a fine, the penalty of restriction of liberty or the penalty of deprivation of liberty for up to 2 years.
§ 2. The same punishment shall be imposed on anyone, who, in order to acquire information to which he is not authorised to access, installs or uses tapping, visual detection or other special equipment.
§ 3. The same punishment shall be imposed on anyone, who discloses to another person the information obtained in the manner specified in § 1 or 2.
§ 4. The prosecution of the offence specified in § 1 – 3 shall occur on a motion of the injured person.

In the international legal context such crimes were first covered by the Council of Europe Convention on Cybercrime signed in Budapest on November 23, 2001, CETS No. 185. The United States was one of 30 countries that signed the Convention on November 23, 2001. On August 2, 2006, the US Senate ratified it.
You may find more information about the Fourth Amendment at www.findlaw.com website.

Again this “piracy”

Tuesday, March 6th, 2007

I will repeat myself again but I do not really think this kind of criminal activity should be called piracy. Anyway, this post is about a documentary movie called “On Piracy & The Future of Media”. You can read more about it on the official www.piracydocumentary.com website. It is also available for free to watch and to download.

Beware of illegal software

Monday, February 26th, 2007

Yesterday, different electronic media, with the reliable www.slashdot.org website among them, informed us that a computer program gracefully named Display Eater will delete the whole /home directory (under Mac OSX) if it “recognizes” that the user obtained it without a valid licence key. Today, the creator of this software explained on his www.reversecode.com website that it was a hoax. Passing over the whole case, I started to wonder about the liability of an author of such a computer program if his/her work really did contain and execute such commands/functions. Would it be civil liability rules based on the Polish Civil Code general provisions? I do not want to start to think about that now. There would also be one solution in US law for this issue. Section 1030(a)(5)(A) of The Computer Fraud and Abuse Act, Pub. L. No. 99-474, 100 Stat. 1213 (Oct. 16, 1986), codified in 18 U.S.C.A. 1030, provides for the responsibility of anyone who

knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer

In 1994, the US Congress amended the CFAA and created a civil action right.
Section 1030(g)

Any person who suffers damages or loss by reason of a violation of this section may maintain a civil action against the violator to obtain compensatory damages and injunctive relief or other equitable relief.

One should always be aware that those are only statutory provisions and a US court would consider many other factors, for instance the circumstance that this software was obtained without a licence. I recommend reading the judgement in the case Thurmond v. Compaq Computer Corp., 171 F. Supp. 2d 667, 684 (E.D. Tex. 2001), (PDF file). This case also concerns a judicial interpretation of the rules I mentioned above.